Question No: 41

A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system While attempting to determine if an unauthorized user is togged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network.

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?

Apply MAC filtering and see if the router drops any of the systems.

Physically check each of the authorized systems to determine if they are togged onto the network.

Deny the “unknown” host because the hostname is not known and MAC filtering is not applied to this host.

Conduct a ping sweep of each of the authorized systems and see if an echo response is received.

Answer: C

Question No: 42

A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack News outlets discover a certain type of refrigerator was exploited and used to send outbound packets to the website that crashed. To which of the following categories does the refrigerator belong?

SoC

ICS

IoT

MFD

Answer: D

Question No: 43

An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

RTO

RPO

MTBF

MTTR

Answer: B

Question No: 44

A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?

An attacker can access and change the printer configuration.

SNMP data leaving the printer will not be properly encrypted.

An MITM attack can reveal sensitive information.

An attacker can easily inject malicious code into the printer firmware.

Attackers can use the PCL protocol to bypass the firewall of client computers.

Answer: A

Question No: 45

A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented if the administrator does not want to provide the wireless password or certificate to the employees?

802.1x

WPA2-PSK

TKIP

none of the above

Answer: B

Question No: 46

Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Select TWO).

Password expiration

Password length

Password complexity

Password history

Password lockout

Answer: BC

Question No: 47

A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead, the company decides to purchase insurance to cover the cost of any potential loss. Which of the following is the company doing?

Transferring the risk

Accepting the risk

Avoiding the risk

Mitigating the risk

Answer: A

Question No: 48

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

URL hijacking

Reconnaissance

White box testing

Escalation of privilege

Answer: B

Question No: 49

An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, impact of similar incidents. Which of the following would assist Company.com with its goal?

Certificate pinning

Certificate stapling

Certificate chaining

Certificate with extended validation

Answer: C

Question No: 50

Joe, an employee, wants to show his colleagues how much he knows about smartphones. Joe demonstrates a free movie application that he installed from a third party on his corporate smartphone. Joe’s colleagues were unable to find the application in the app stores. Which of the following allowed Joe to install the application? (Select TWO).